CVE-2022-48224

Name of the Vulnerable Software and Affected Versions Acuant AcuFill SDK versions prior to 10.22.02.03

Description The issue is related to insecure permissions in the installation of the software, allowing standard users to replace files within the Program Files directory that are executed with elevated privileges. This can lead to arbitrary code execution and elevation of privileges.

Recommendations For versions prior to 10.22.02.03, update to version 10.22.02.03 or later to resolve the issue. As a temporary workaround, consider restricting write access to the Program Files directory to prevent standard users from replacing files that can be executed with elevated privileges.